3 matches found
EUVD-2018-3048
Malware in sbrugna...
Etere EtereWeb SQL Injection Vulnerability
Etere EtereWeb is an enterprise media asset management system from Etere Italy. A SQL injection vulnerability exists in the POST parameters 'txUserName' and 'txPassword' in Etere EtereWeb versions prior to 28.1.20. A remote attacker can exploit this vulnerability to disclose sensitive database...
CVE-2018-10997
The CVE-2018-10997 affects Etere EtereWeb prior to 28.1.20. A pre-authentication blind SQL injection exists in the POST parameters txUserName and txPassword, allowing an attacker to disclose database content and potentially other sensitive information without authentication. Public references con...